Quick Reference Guide
Manage Rogue Access Points, Guest Network Access, and Users
108
ProSAFE Wireless Controller WC9500
Manage Rogue Access Points
Rogue access point detection is disabled by default on the wireless controller. If you want to
detect rogue access points, you need to enable rogue access point detection. Scanning
might affect the service availability of the access point temporarily.
An access point is defined as rogue if:
• The access point’s radio basic service set identifier (BSSID) is detected by any of the
managed access points.
• The access point transmits on the Ethernet side on the same Layer 2 as the managed
access points.
• At least one client is connected to the access point.
Any unmanaged access point not meeting all these conditions is classified as a neighbor.
The access points transmit broadcast frames on the Ethernet during the time access point
radios are of
f-channel (and scanning).
The wireless controller can detect and maintain a maximum of 512 access points, both
neighboring and rogue access points.
Note: If enabled, basic rogue AP detection and advanced rogue AP
detection apply to all profiles, whether in the basic profile group or in
any of the advanced profile groups.
Configure Basic Rogue Detection Settings
In a basic setup, you can set up one detection server. In an advanced setup you can create
multiple detection servers (for more information, see Classify Rogue Access Points on
page 109).
To set up a server to detect rogue access points:
1. Select Configuration > Security > Basic > Rogue AP.